To protect a directory in Apache web server, you need to create two files “.htaccess” and “.htpasswd”. “.htaccess” has to be placed under your designated directory. Once you place “.htaccess” under a directory, all its sub directories will inherit its parent properties. Each folder can have its own “.htaccess” file, if it needs to override or extend its parents’ properties.

“.htpasswd” is for storing Usernames and Passwords. It can be placed in the each directory or at a common place to maintain all logins at one place.

In “.htaccess” file you have to specify the path to “.htpasswd”. To protect a web folder the contents in “.htaccess” will be

AuthUserFile C:\wamp\passwords\.htpasswd
AuthName "This is Hasten secret area"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>

To create “.htpasswd” file with Usernames and Passwords in it, you can find a utility “htpasswd.exe” under “<Apache’s installation directory>/bin” or you can create them online using Dave Child’s page.

In command prompt navigate to the above directory and type below command
htpasswd .htpasswd a-user-name

It creates “.htpasswd” file under “<Apache’s installation directory>/bin” itself. Repeat the same command to add more usernames. Cut the file from there and paste it under desired place as mentioned in the “.htaccess” – “AuthUserFile”.

If you create with Dave Child’s page, paste the text in notepad and save file as “.htpasswd” in desired directory as mentioned in the “.htaccess” – “AuthUserFile”.

Up to now we have seen password protecting a parent folder. Now by placing the following “.htaccess” file in sub folder will make it unprotected. The contents in “.htaccess” will be

That’s it! It’s simple!

Are you facing any problem, let’s do discuss here, post your comment.
Let me know your feedback.